Information Systems Security Research Group (ISSRG)
Key Aims
The ISSRG's mission is to research and develop leading edge user
friendly security solutions for distributed systems. The group has many
years of experience of research in Federated Identity Management, Public Key Infrastructures,
Privilege Management Infrastructures, Trust Management and Privacy Management, having participated in many EC
and UK projects since the late 90s.
The ISSRG are the authors of PERMIS,
a fully functional open source authorisation (or privilege management)
infrastructure written in Java. The source code is available here.
PERMIS is fully integrated with Shibboleth and Globus toolkit to provide policy based
authorisation for federated and/or Grid applications using the industry standard
SOAP/SAML protocol.
We have successfully run several academic conferences including IFIP CMS in 2004 and 2012, and EuroPKI in 2005.
Areas of Research Activity
Research grants associated with members of this group are available in
detail and summary form. Members are engaged in the following areas of
research (research areas in more detail) .
Public Key and Privilege Management Infrastructures
Policy based security
Privacy and Security
User Friendly Security
Trust management and metrics and Reputation Systems
Security and Risk Management
Autonomic Security
Some Current and Past Project Links
PERMIS - PERMIS provides
application builders with software to make access control decisions, and also gives
them tools for managing policies, role assignments, and delegations
between users. (http://sec.cs.kent.ac.uk/permis)
OpenPERMIS - The OpenPERMIS
website hosts the open source code that is used to construct the
PERMIS release packages. (http://www.openpermis.info)
TAS3
- The TAS³ Integrated Project (Trusted Architecture for Securely Shared
Services) was a European wide project that developed privacy protecting services for applications handling
personal information, which is collected & stored at distributed
locations and used in a multitude of business processes. (http://www.tas3.eu)
CLASSe
- The CLASSe project is a GEANT open call project which is adding the IETF ABFAB protocol suite to the OpenStack cloud software. It
follows on from the successful EPSRC funded My Private Cloud project,
which added several TAS3 services to the Eucalyptus open source cloud software, and the Sticky Policy Security APIs for the Cloud project,
which integrated protocol independent federation into the OpenStack software.